Database Reference
In-Depth Information
Controlling access
We've now created a user account for our data analytics team, but so far that user can't actu-
ally do anything in our database. We'd like to give the data analytics team read access to all
the data in our application's keyspace, but no ability to modify data or schema structures.
To do this, we'll use the
GRANT
command:
GRANT SELECT PERMISSION
ON KEYSPACE "my_status"
TO 'data_analytics';
Now the
data_analytics
user can read the data from any table in the
my_status
keyspace; however, it can't make any modifications to anything. The
SELECT
permission
we used above is one of six that Cassandra makes available:
Permission
Description
CQL commands allowed
Read data
SELECT
SELECT
INSERT
UPDATE
Add, update, and remove data in existing tables
MODIFY
DELETE
TRUNCATE
CREATE TABLE
CREATE
Create keyspaces and tables
CREATE KEYSPACE
ALTER TABLE
CREATE INDEX
Modify the structure of existing keyspaces and tables
ALTER
DROP INDEX
ALTER KEYSPACE
Drop existing keyspaces and tables
DROP
DROP TABLE
